rainbownapkin/fore.st
1
0
Fork 0
Code Issues 13 Pull requests Projects Releases Packages Wiki Activity Actions

Replace XSS filter with sanitize-html

Browse source
This commit is contained in:
Calvin Montgomery 2015-01-06 12:20:48 -05:00 committed by calzoneman
parent 8630c5972c
commit 1c3a669279
3 changed files with 61 additions and 253 deletions
Download patch file Download diff file Expand all files Collapse all files

6
lib/channel/customization.js
View file

@ -36,9 +36,11 @@ CustomizationModule.prototype.load = function (data) {
if ("motd" in data) {
this.motd = {
motd: data.motd.motd || "",
html: data.motd.html || ""
motd: data.motd.motd || ""
};
this.motd.motd = XSS.sanitizeHTML(this.motd.motd);
this.motd.html = this.motd.motd.replace(/\n/g, "<br>");
}
};